A simple tutorial to setup and configure FreeRADIUS on CentOS 5/6 and Ubuntu 11.10.
Just follow the instructions below to have your FreeRADIUS setup ready to go when used along with our WHMCS module, we have distinguished the difference between CentOS commands and Ubuntu commands:
CentOS 5:
CentOS 6:
Ubuntu:
They should install without any problems.
To setup MySQL run the following to set your password:
Common problems usually arise on cPanel servers but please check our knowldgebase for fixing issues on cPanel servers, next we need to create the radius database, type:
or
Then enter your mysql root password to continue…
Now create the database and grant all privileges to user radius:
In certain situations you may need to grant remote access to mysql, to do this please follow the guide below:
Now thats done we want to import the tables for radius:
CentOS:
Ubuntu:
Now open up CentOS:/etc/raddb/sql.conf Ubuntu: /etc/freeradius/sql.conf and enter your mysql database details you just created, Example:
In /etc/raddb/radiusd.conf ensure that the line saying:
is uncommented.
Edit /etc/raddb/sites-available/default and uncomment the line containing ‘sql’ in the authorize{} section and ‘sql’ in the accounting {} section, also uncomment ‘sql’ under session {}.
Additionally, edit /etc/raddb/sites-available/inner-tunnel and uncomment the line containing ‘sql’ under “authorize {}” and under session {}.
Open up /etc/raddb/clients.conf set your secret to something a bit more random, example:
Change:
To something like:
Now check to see if Radius is working ok:
CentOS:
Ubuntu:
To add clients (External VPN Servers) you would edit CentOS: /etc/raddb/clients.conf Ubuntu:/etc/freeradius/clients.conf and directly under this line:
Add a block such as this:
To allow external servers and software to authenticate off your FreeRADIUS, this has to be done every time you setup an external server to use this FreeRADIUS database.
Everytime you add a client or change a value in the config files you need to restart radius like this:
CentOS:
Ubuntu:
Add a test user to the radius database, first you need to login to your mysql radius database:
Switch to the radius database:
Once there execute the below commands:
Next test the test user with radtest.
If you see “rad_recv: Access-Accept” then your installation is working fine.
If you have any problems with FreeRADIUS you can run FreeRADIUS in debug mode to help pinpoint any issues, to do that just do the following:
CentOS:
Ubuntu:
Now you can see in realtime if your authentication queries are actually reaching the server or the reasons why some users may be rejected authentication.
0 $type={blogger}:
Post a Comment